Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein

ABSTRACT

A method for preventing unauthorized use of credit cards in remote payments and a supplemental-code card for therein is disclosed. A unique code list is provided by the credit company to the credit card owner for use with the credit card. The codes are distributed in a variety of possible ways, including through A.T.M. machines, stores, e-mail or faxes. A copy of each code list is associated at the credit card company with the owner of the credit card. Each code is only for a single use. For every remote payment, the credit card owner transmits one of the codes to the creditor, along with conventional credit card data. The credit card company verifies the transmitted information and accepts or rejects the transaction. The codes may be provided on a supplemental-code card with some mechanism to ensure that each code is used only once.

This application is made pursuant to 35 U.S.C. §371 of internationalapplication number PCT/IL99/00443, filed Aug. 17, 1999, with a prioritydate of Aug. 17, 1998.

FIELD OF THE INVENTION

The present invention generally relates to a method for preventingunauthorized use of credit cards in remote payments, and an optionalsupplemental-code card for use in said method. More specifically,according to the method of the present invention each remote payment issecured by a unique code (for only one time use) which is known only tothe credit card owner and to the credit company. According to onepreferred embodiment of the present invention, lists of the unique codesare supplied to the credit card owners through automatic-teller machines(hereinafter called also A.T.M). According to another preferredembodiment, the unique codes are supplied to the credit card ownersprinted on supplemental-code cards, which supply lists of codesconfidentially and help the credit card owners to find out the validcode for each particular remote payment. According to another preferredembodiment, the unique codes are supplied to the credit card owners byany electronic media such as Internet, e-mail, etc.

BACKGROUND OF THE INVENTION

Remote payments by credit cards are constantly growing in importance inthe world economy. In conventional credit card remote payments, a creditaccount is charged according to instructions and credit card detailsgiven by the customer, without checking the physical presence of thecard in the customer hand. Many people hesitate to use a credit card,because its details can be reached and exploited by unauthorized users.The credit card companies have no effective way to prevent such illegaluse of credit cards by unauthorized users.

The purpose of the present invention is to provide a facile and simplemethod for totally secure remote payments, without changing theconventional credit card held by the user.

The method according to the present invention is for distinguishingbetween authorized and unauthorized payments, and an optionalsupplemental-code card can be used in said method together with theconventional credit card. (Another advantage in using the method of thepresent invention is the avoidance of mistaken payments, such as doublecharging).

Such protection will encourage the use of credit cards in remotepayments, while reducing the losses and the accompanying expenses causedby unauthorized and illegal use.

The method according to the present invention and the optionalsupplemental-code card can be used also for regular direct credit cardpayments (i.e. involving presenting the physical credit card by itsowner to the creditor), all according to the economic policy of thecredit company.

The use of the method according to the present invention will alsorelease the existing psychological inhibitions in working with creditcards, thus increasing their request and usage.

In the context of the present invention:

The term “remote” relates to a payment performed through communicationbetween a credit card owner and a remote creditor, made by any knownphysical way such as electrical wires, radio, optic fiber, and throughany acceptable media such as: phone, fax machine, mail, interactivetelevision or Internet.

The term “payments” relates not only to payments, but to any remoteactivity which is involved with a transmission of valid credit carddata, and makes use (or suited to make use) of the protection method ofthe present invention.

The term “remote payment” relates to any payment by credit card, usingthe card data without the presence of the physical card at the physicalsite of the merchant.

The term “code” relates to any combination of digits or letters.

The term “credit company” relates to any financial or commercial entitysupplying remote payments services.

The term “credit card” relates not only to a concrete physical card but(and especially) to the constant data of a credit account and its owner,which is regularly used to perform conventional remote payments.However, it has to be noted that according to the present invention (anddifferently from conventional credit card payments), the constant dataof a credit card do not have to include a constant identificationnumber, and all the payments can be executed using only the single usecodes, together with any constant data predetermined by the creditcompany as a precondition for accessing the registered code list copy ofthe specific credit card owner, in the credit company office.

SUMMARY OF THE INVENTION

The present invention relates to a method for preventing unauthorizeduse of credit cards in remote payments comprising the steps of:

(a) providing by a credit company a plurality of secret code lists foruse with a plurality of credit cards, wherein each list is provided tothe use of a single owner of at least one credit card, and each code isfor only a single use (preferably, the secret codes are generatedrandomly by an appropriate computer program, as known in the art), andwherein a copy of the code content of each list is registered(preferably stored in a credit computer) in an office of the creditcompany on a name of its authorized user (hereinafter called “creditcard owner”);

(b) transmitting one code from said list to a creditor by a credit cardowner for every separate remote payment, together with any requiredconventional data of the credit card,;

(c ) verifying the said single code together with the other conventionalcredit card data through a dialogue (by either voice, interactivetelevision, by computer, Internet, fax machine, mail or e-mail) betweenthe creditor and the credit company, and accepting or rejecting thepayment, according to the verification result. The said dialogue can bedone either between humans, between a human and a machine orautomatically between machines without the involvement of humans; and

(d) invalidating the single code used for an accepted payment, from theregistered code list copy in the credit company office.

According to one preferred embodiment of the invention, the code list issupplied to the credit card owners through the known existing automaticteller machines (A.T.M.). The machine is programmed for producing listsof random codes (or receiving them on-line from the computer of thecredit company), printing them on a voucher for the user, andtransmitting them to the credit computer of the credit company for aregistration on the name of its authorized user, wherein all saidprocedure is executed subsequently to the detection of a physical validautomatic-teller card inserted by a user into the machine, and onlyafter typing-on its associate secret code.

According to another preferred embodiment the automatic teller machine(A.T.M.). is programmed for offering the user a selection of customeroptions, such as: determining which of the credit card activities willrequire a supplemental-code; determining the amount of codes in thegenerated code list; etc.

Actually, the present invention may be thought of as providing anadvanced credit card type, having a variable card number, varying forevery single use of the card. This variable card-number is a combinationof the conventional fixed card-number and the single use code.

In another preferred embodiment the present invention provides asupplemental-code card (hereinafter called also “code card”) forpreventing unauthorized use of credit cards according to the saidmethod, wherein the code card contains a list of codes for use in saidmethod. Preferably, each code is covered by a removable layer of opaquematerial, for removal by the credit card owner according to apredetermined uncovering progression, prior to performing each remotepayment.

The covering material may be a removable sticker (preferably having afree end for facile pulling out), or a scratchable printing paint, or acombination thereof. In the combination, the sticker is covered with alayer of scratchable printing paint such that once it was removed it ispermanently damaged, thus a double use or glimpsing the code by fraudsis prevented. This combination integrates the advantage of a sticker(i.e. its facile removal) and the advantage of the scratchable paint(i.e. better confidence).

It has to be noted that the method of the present invention does notrely on any physical code card, and the code list may be supplied to theusers through automatic-teller machines (A.T.M.)., through an electronicwallet, through phone by voice, through a mailed letter, or throughelectrical means such as by facsimile machine, by the Internet, bye-mail or by any other acceptable distribution way.

According to the present invention, the code may be of onecharacter/digit or more (or a combination thereof), according to therequired protection level and to other considerations of design.

In terms of credit card security, a 4 digit code may be considered asunbreakable, however there is no prevention to expand it to more than 4digits, or to use letters additionally to the digit decade.

The number of codes included in one card is a matter of design.According to the present invention a card may include from one code upto several tens of codes (or more), according to the card dimensions,and the size of code characters (font size). The codes may be configuredin any wanted form of columns or rows (and may be arranged either fromone side or all sides of the card). Preferably, the code list can bedesigned to be used successively, and the computer of the credit companyis programmed such that a non-permitted deviation from the successiveorder of the codes (there might be also a permitted deviation, allaccording to the predetermined rules of the credit-card company),disqualifies the whole respective code list. However, according to otherembodiments, a non successive use of codes is permitted, provided thatthey are all of a single list, or more (as will be determined by thecredit company).

The supplemental code card can be made of any material, and the codesmay be printed or embedded on it in any known method, and in anypredetermined configuration.

According to another embodiment, the codes in the card are not covered,however the card is perforated or has a cut near each code, allowing afacile removal or facile marking of used codes, by tearing the relevantperforated portions of the card, in order to prevent double use ofcodes.

According to one preferred embodiment of the method of the presentinvention, the codes are coupled in the office of the credit company tospecific credit card owners, in advance.

According to other embodiments of the method of the present invention,each code list has its own identification label, and the code lists aredistributed to the credit card owners randomly, by mail, stores or otheracceptable distribution ways, and their copies in the office are coupledto the record of a specific credit card owner according to a latercommunication of each owner reporting to the company the label data of acode list to be used.

In order to reduce the memory space needed for storing large scale ofcode lists (especially when generated in advance for large scaledistribution, as hereinbefore said) it is possible to generate the codesby means of a secret computer algorithm such that said identificationlabel of each supplemental-code card is a key for the secret algorithmfor generating the list, and such that code lists do not have to bestored in the computer memory (only the key label has to be coupled tothe specific owner, wherein each code is computed momentarily forchecking the legality of a current remote payment).

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be further described by FIGS. 1-4. Thesefigures are solely intend to illustrate some preferred embodiments ofthe supplemental code card and in no manner intend to limit the scope ofthe present invention.

FIG. 1 illustrates a card having codes, each of four digits, coveredwith a scrathable material.

FIG. 2 illustrates a card having codes covered with stickers.

FIG. 3 illustrates a card having codes covered with stickers and ascratchable material, in combination.

FIG. 4 illustrates a card having codes, each of seven digits, coveredwith stickers.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1 illustrates a supplemental code card (1) according to anembodiment of the present invention, having 15 codes arranged in threecolumns. Each code is of four digits (only for example purpose) andcovered with a thin layer of a scratchable printing paint (5). Prior tothe execution of each payment, the credit card owner has to scratch andremove the cover of another code, and to report it together with theconventional credit card data.

In this figure, the code (2) and the next one, are already used. Thevalid code for the current payment (3), is illustrated half scratched.The card has identification number which is also covered (4) with thescratchable material. This number is for reporting to the credit companywhat card the credit card owner is using. It is helpful in case that thecredit company supplies the owner with more than one code card at atime, or in case that the code card is acquired by the user in a store.If no identification is needed (i.e. one code card is supplied to acredit card owner at a time) the identification number is unnecessary,and the code card does not have to include it.

FIG. 2 illustrates a code card (6) having 15 codes, each is covered by asticker (10). The code (8) and the two next ones, are exposed since theyhave already been used. The card identification (7) is also exposed. Thevalid code for the current payment (9) is illustrated during the removalof its sticker, which is seen half separated from the card.

FIG. 3 illustrates a code card (11) having 15 codes, each is covered bya combination of both a sticker and a removable layer. The end of thestickers (12) is a tag not covered by the removable layer, thus it canbe easily pulled out (15) for removing the sticker. When a sticker isremoved, the removable layer is permanently damaged, and the stickercannot be repaired. Two used codes (14) and the next one, are exposed,and so is the card identification (13).

FIG. 4 illustrates a card (16) having codes, each of seven digits,covered with stickers. The security given by 7 digits (from thestatistical perspective) permits using the codes with no obligation toany predetermined order, thus (differently from the preferred use of thecards of FIGS. 1-3), no serial numbers are printed adjacent to thestickers. A few used codes, which were used randomly without anysuccessive order, are illustrated (those whose stickers are removed).

The performance of a card having four digit codes as may require asuccessive order in its use, and of a card having seven digit codes asmay not require a successive order in its use, is only for ademonstration purposes. The actual requirements are subject to theconsiderations of the credit company.

This card is illustrated without identification number, as an examplefor a card supplied directly from the credit company to a specific user,thus registered in the company office on the name of the user, inadvance.

It will be apparent to those skilled in the art that variousmodifications and variations can be made in the various embodiments ofthe invention without departing from the spirit or scope of theinvention. Thus, it is intended that the present invention includemodifications and variations that are within the scope of the appendedclaims and their equivalents.

What is claimed is:
 1. A method for preventing unauthorized use ofcredit cards in transactions involving remote payments comprising thesteps of: providing a plurality of secret code lists for use withplurality of credit cards, wherein each list is provided by a creditcompany to an owner of at least one credit card, and each code is foronly a single use, and wherein a copy of the code content of each listis assigned in an office of the credit company according to the creditcard owner to whom it was provided; transmitting a single code from saidlist to a creditor by the credit card owner for every separate remotepayment, together with any required conventional data of the creditcard; verifying the single code together with the conventional creditcard data through a dialogue between the creditor and the creditcompany, and accepting or rejecting the remote payment, according to averification result; and invalidating the single code used for anaccepted remote payment from the code list.
 2. A method for preventingunauthorized use of credit cards according to claim 1, furthercomprising the steps of: supplying the code list to the credit cardowners through automatic teller machines programmed for producing listsof random codes or for receiving lists of random codes on-line from acomputer of the credit company; printing the code list on a voucher forthe credit card owner; and transmitting the code list to the computer ofthe credit company for assignment according to the credit card owner towhom it was supplied.
 3. A method for preventing unauthorized use ofcredit cards according to claim 2, wherein the automatic teller machinesare programmed for offering the credit card owner a selection ofcustomer options.
 4. A method for preventing unauthorized use of creditcards according to claim 2, further comprising the steps of: detecting aphysical valid credit inserted by the credit card owner into theautomatic teller machine; and verifying the identity of the credit cardowner through a secret code typed into the automatic teller machine bythe credit card owner.
 5. A method for preventing unauthorized use ofcredit cards according to claim 1, wherein each code list has its ownidentification label; the code lists are distributed to the credit cardowners randomly; and each code list is assigned to a specific creditcard owner according to a communication from each credit card ownerreporting to the credit card company the label data of a code list to beused.
 6. A method for preventing unauthorized use of credit cardsaccording to claim 1, wherein the codes are generated randomly by acomputer program.
 7. A method for preventing unauthorized use of creditcards according to claim 1, wherein each code is created independentlyof the transaction for which it is being used.
 8. A method forpreventing unauthorized use of credit cards according to claim 1,wherein each code is marked by the credit card owner to prevent repeatuse of said code.
 9. A code card for preventing unauthorized use ofcredit cards in transactions involving remote payments, wherein the codecard comprises a list of codes, wherein each code is usable for a singletransaction, and further wherein each code is covered by a removablelayer of opaque material for removal by a credit card owner according toa predetermined uncovering progression, prior to performing each remotepayment.
 10. A code card for preventing unauthorized use of credit cardsaccording to claim 9 wherein the removable layer is scratchable printingmaterial.
 11. A code card for preventing unauthorized use of creditcards according to claim 9 wherein the removable layer is a sticker. 12.A code card for preventing unauthorized use of credit cards according toclaim 9 wherein the removable layer is a combination of a stickercovered by a scratchable printing material and having free tags forfacile removal.
 13. A code card for preventing unauthorized use ofcredit cards according to claim 9, wherein each code is createdindependently of the transaction for which it is being used.
 14. A codecard for preventing unauthorized use of credit cards in transactionsinvolving remote payments, wherein the code card comprises a list ofcodes.
 15. A code card for preventing unauthorized use of credit cardsaccording to claim 14, wherein each code is created independently of thetransaction for which it is being used.